How have you solved the puzzle and utilizing CIAM for this purpose? Should CIAM focus purely on authenticating/authorization the customers or having more control of contact information, consents and preferences (I'd prefer the latter one)?

4.2k views1 Upvote2 Comments

Sort by:

Software Engineer in Software2 years ago

I believe that CIAM should focus on more than just authenticating and authorizing customers. It should also provide organizations with the ability to manage contact information, consents, and preferences. This is important for a number of reasons:

It allows organizations to build stronger relationships with their customers. By having a better understanding of their customers' contact information, consents, and preferences, organizations can provide more personalized and relevant experiences.
It helps organizations to comply with data privacy regulations. Many data privacy regulations, such as the GDPR and CCPA, require organizations to obtain consent from their customers before collecting and processing their personal data. CIAM can help organizations to manage this consent process effectively.
It gives organizations more control over their data. By managing contact information, consents, and preferences within CIAM, organizations can reduce their reliance on third-party systems and have more control over their data security.

Head of ISG in Finance (non-banking)2 years ago

By expanding CIAM to cover these aspects, you can create a more comprehensive and customer-centric approach to managing customer identities. This not only enhances security and compliance but also contributes to improved customer experiences and relationships. However, it's crucial to strike the right balance between data control and customer convenience, ensuring that customers feel empowered and in control of their data while also meeting regulatory requirements.

Content you might like

How do you manage elevated access for your workforce?

Provision privilege user account separate from regular user account, and expect workforce to use privilege account for elevated access70%

Provision standing privilege\elevated access on the regular user account 30%

Use Just-In-Time (JIT) provisioning to elevate privileges on demand for regular user account26%

View Results

What’s the most critical thing to have when wanting to adopt security innovation?

Internal cooperation25%

Open-minded board28%

Understanding the business17%

Understanding threat landscape21%

Being on top of the latest technology7%

View Results

I would like to know how other organizations are adopting Microsoft. Copilot Studio. Some questions I have are: 1. Should we allow every employee to use Copilot Studio as a DIY tool or should it be restricted to Software Developers only? 2. What guardrails and policies should we put in place before implementing Copilot Studio? 3. Are you using Copilot Studio and if yes, what is your feedback in terms of productivity gains and any other concerns?

Looking to hear from any higher education (preferably CDN) that have or are in the process of introducing IAM to their organization. Any best practices or "gotchas"?

There has been lot of talk around context based authentication especially to trigger strong authentication. I am not not able to visualize how the foundation can be built in a companies which have hundreds or thousands of applications. When I say foundation, I really mean on which the AM or applications can rely to understand the context of the user. Have you implemented context based authentication in your systems or If you are going to ? How is the "foundation" built?